PBS Endo Performance Issues on Windows 10 1903

IRJ

Turning on SMB v1 is not a good thing

scottalanmiller

@IRJ said in PBS Endo Performance Issues on Windows 10 1903:

Turning on SMB v1 is not a good thing

Running PBS Endo is not a good thing. Sadly in the medical and veterinary and similar fields, nearly all software is designed with a dependency on SMB and the design is around how SMB1 works. And without it, aren't fast enough to work.

It's 20-25 years of bad software design that no one cared about catching up with them in yet another way. But as no customer of something like PBS Endo would ever care about SMB1 being enabled, or that all security is turned off, it's of no concern to the vendor. The entire ecosystem is built around not caring if it does a good job.

Dashrender

@scottalanmiller said in PBS Endo Performance Issues on Windows 10 1903:

But as no customer of something like PBS Endo would ever care about SMB1 being enabled, or that all security is turned off, it's of no concern to the vendor.

I consider this an overstatement. I'm sure given the choice they would choose a more secure setup.. but it would also depend on the costs differences.

scottalanmiller

@Dashrender said in PBS Endo Performance Issues on Windows 10 1903:

@scottalanmiller said in PBS Endo Performance Issues on Windows 10 1903:

But as no customer of something like PBS Endo would ever care about SMB1 being enabled, or that all security is turned off, it's of no concern to the vendor.

I consider this an overstatement. I'm sure given the choice they would choose a more secure setup.. but it would also depend on the costs differences.

They do have choices, PBS Endo isn't considered generally viable for the industry. It's known to be garbage and there are loads of alternatives. Almost no one uses it because it is so bad. So absolutely everyone uses it is making a very conscious decision to not care about it working well.

The theory that people are stuck with the one software out there essentially never applies. Somewhere, someone faces the "use it or make your own" ultimatum, but in decades of IT, I've never met anyone in the real world with that issue. Not even in really extremely niche industries. Certainly not in massive multi-billion dollar mainstream ones like this.

IRJ

@scottalanmiller said in PBS Endo Performance Issues on Windows 10 1903:

@Dashrender said in PBS Endo Performance Issues on Windows 10 1903:

@scottalanmiller said in PBS Endo Performance Issues on Windows 10 1903:

But as no customer of something like PBS Endo would ever care about SMB1 being enabled, or that all security is turned off, it's of no concern to the vendor.

I consider this an overstatement. I'm sure given the choice they would choose a more secure setup.. but it would also depend on the costs differences.

They do have choices, PBS Endo isn't considered generally viable for the industry. It's known to be garbage and there are loads of alternatives. Almost no one uses it because it is so bad. So absolutely everyone uses it is making a very conscious decision to not care about it working well.

The theory that people are stuck with the one software out there essentially never applies. Somewhere, someone faces the "use it or make your own" ultimatum, but in decades of IT, I've never met anyone in the real world with that issue. Not even in really extremely niche industries. Certainly not in massive multi-billion dollar mainstream ones like this.

I would say keeping the software could lead easily lead to a breach is a pretty bad choice. I'd question any CIO who would say SMB v1 is acceptable and we feel confident we cannot be breached.

So it's either that or you ar actively putting your data and PHI at risk. Which could potentially lead to jail time.

scottalanmiller

@IRJ said in PBS Endo Performance Issues on Windows 10 1903:

I would say keeping the software could lead easily lead to a breach is a pretty bad choice. I'd question any CIO who would say SMB v1 is acceptable and we feel confident we cannot be breached.

In a situation like this, though, it's really important to remember that SMB1 poses absolutely zero threat. Environments running software like this have no security. SMB3 would not add anything, as everything is wide open. If the network were compromised, they'd already be compromised. SMB1 or 3 makes no difference.

SMB1 is bad, yes. But irrelevant and a red herring here. SMB1 was considered adequate for decades. Today, suddenly we think its a big security concern. But setups like how PBS Endo is run are so insecure that even in 1998 with SMB1 as the only choice, it would be ridiculously insecure by the standards at that time.

Using SMB1 is the absolutely only logical way to proceed. Don't get sidetracked by something so trivial and in the weeds. Running an non-secured, totally wide open, unsupprted, ghost shipped, piece of crap that would be a joke in 1996 is the real issue and where the CIO (which is a doctor) has lost his mind.

scottalanmiller

@IRJ said in PBS Endo Performance Issues on Windows 10 1903:

So it's either that or you ar actively putting your data and PHI at risk. Which could potentially lead to jail time.

SMB3 isn't a factor in the above. The doctor should absolutely look at jail time for blatant disregard for PHI. They should audit all companies running stuff like this. But they don't. And doctors can accord good lawyers. That's their game plan.

Dashrender

@scottalanmiller said in PBS Endo Performance Issues on Windows 10 1903:

@IRJ said in PBS Endo Performance Issues on Windows 10 1903:

So it's either that or you ar actively putting your data and PHI at risk. Which could potentially lead to jail time.

SMB3 isn't a factor in the above. The doctor should absolutely look at jail time for blatant disregard for PHI. They should audit all companies running stuff like this. But they don't. And doctors can accord good lawyers. That's their game plan.

Is there PHI for animals? Isn't this vet software?

scottalanmiller

@Dashrender said in PBS Endo Performance Issues on Windows 10 1903:

@scottalanmiller said in PBS Endo Performance Issues on Windows 10 1903:

@IRJ said in PBS Endo Performance Issues on Windows 10 1903:

So it's either that or you ar actively putting your data and PHI at risk. Which could potentially lead to jail time.

SMB3 isn't a factor in the above. The doctor should absolutely look at jail time for blatant disregard for PHI. They should audit all companies running stuff like this. But they don't. And doctors can accord good lawyers. That's their game plan.

Is there PHI for animals? Isn't this vet software?

No, but lots of vet software is made this way. PBS Endo is for Endodontics (teeth.)

But the veterinary industry, which is much poorer than the dental one, has at least 20 options, all of which are better than this. Some is a little better, some is modern.

batman

Instead of contacting support, have you tried the Bill & Melinda Gates Foundation along with viewers like you?